|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.jsslutils.extra.gsi.GsiWrappingTrustManager
public class GsiWrappingTrustManager
TrustManager that accepts GSI proxy certificates (clients).
Nested Class Summary | |
---|---|
static class |
GsiWrappingTrustManager.CertificateCriticalExtensionsNotSupported
|
static class |
GsiWrappingTrustManager.Wrapper
Wrapper factory class that wraps existing X509TrustManagers into GsiWrappingTrustManagers. |
Field Summary | |
---|---|
static String |
KEY_USAGE_EXTENSION_OID_STRING
|
static String |
PRERFC_EXTENSION_OID_STRING
|
static String |
RFC3820_EXTENSION_OID_STRING
|
Constructor Summary | |
---|---|
GsiWrappingTrustManager(X509TrustManager trustManager,
boolean allowLegacy,
boolean allowPreRfc,
boolean allowRfc3820)
Creates a new instance from an existing X509TrustManager. |
Method Summary | |
---|---|
void |
checkClientTrusted(X509Certificate[] chain,
String authType)
Checks that the client is trusted; the aim is to follow RFC 3820. |
void |
checkServerTrusted(X509Certificate[] chain,
String authType)
Checks that the server is trusted; in this case, it delegates this check to the trust manager it wraps. |
X509Certificate[] |
getAcceptedIssuers()
Returns the accepted issuers; in this case, it delegates this to the trust manager it wraps. |
static CertificateException |
verifyLegacyProxyCertificate(X509Certificate[] chain,
int eecCertIndex,
Date date)
|
static CertificateException |
verifyPreRfcProxyCertificate(X509Certificate[] chain,
int eecCertIndex,
Date date)
|
static CertificateException |
verifyProxyCertificate(X509Certificate[] chain,
int eecCertIndex,
boolean allowLegacy,
boolean allowPreRfc,
boolean allowRfc3820,
Date date)
|
static CertificateException |
verifyProxyCertificate(X509Certificate[] chain,
int eecCertIndex,
Date date)
|
static CertificateException |
verifyRfc3820ProxyCertificate(X509Certificate[] chain,
int eecCertIndex,
Date date)
|
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final String PRERFC_EXTENSION_OID_STRING
public static final String RFC3820_EXTENSION_OID_STRING
public static final String KEY_USAGE_EXTENSION_OID_STRING
Constructor Detail |
---|
public GsiWrappingTrustManager(X509TrustManager trustManager, boolean allowLegacy, boolean allowPreRfc, boolean allowRfc3820)
trustManager
- X509TrustManager to wrap.Method Detail |
---|
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException
checkClientTrusted
in interface X509TrustManager
CertificateException
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException
checkServerTrusted
in interface X509TrustManager
CertificateException
public X509Certificate[] getAcceptedIssuers()
getAcceptedIssuers
in interface X509TrustManager
public static CertificateException verifyProxyCertificate(X509Certificate[] chain, int eecCertIndex, Date date)
public static CertificateException verifyProxyCertificate(X509Certificate[] chain, int eecCertIndex, boolean allowLegacy, boolean allowPreRfc, boolean allowRfc3820, Date date)
public static CertificateException verifyLegacyProxyCertificate(X509Certificate[] chain, int eecCertIndex, Date date)
public static CertificateException verifyPreRfcProxyCertificate(X509Certificate[] chain, int eecCertIndex, Date date)
public static CertificateException verifyRfc3820ProxyCertificate(X509Certificate[] chain, int eecCertIndex, Date date)
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |